skip to main content


Title: Nascent: Tackling Caller-ID Spoofing in 4G Networks via Efficient Network-Assisted Validation
Caller-ID spoofing deceives the callee into believing a call is originating from another user. Spoofing has been strategically used in the now-pervasive telephone fraud, causing substantial monetary loss and sensitive data leakage. Unfortunately, caller-ID spoofing is feasible even when user authentication is in place. State-of-the-art solutions either exhibit high overhead or require extensive upgrades, and thus are unlikely to be deployed in the near future. In this paper, we seek an effective and efficient solution for 4G (and conceptually 5G) carrier networks to detect (and block) caller-ID spoofing. Specifically, we propose Nascent, Network-assisted caller ID authentication, to validate the caller-ID used during call setup which may not match the previously-authenticated ID. Nascent functionality is split between data-plane gateways and call control session functions. By leveraging existing communication interfaces between the two and authentication data already available at the gateways, Nascent only requires small, standard-compatible patches to the existing 4G infrastructure. We prototype and experimentally evaluate three variants of Nascent in traditional and Network Functions Virtualization (NFV) deployments. We demonstrate that Nascent significantly reduces overhead compared to the state-of-the-art, without sacrificing effectiveness.  more » « less
Award ID(s):
1717493
NSF-PAR ID:
10097802
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
IEEE INFOCOM 2019 - IEEE Conference on Computer Communications
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Caller ID spoofing forges the authentic caller identity, thus making the call appear to originate from another user. This seemingly simple attack technique has been used in the growing telephony frauds and scam calls, resulting in substantial monetary loss and victim complaints. Unfortunately, caller ID spoofing is easy to launch, yet hard to defend; no effective and practical defense solutions are in place to date. In this paper, we propose CEIVE (Callee-only inference and verification), an effective and practical defense against caller ID spoofing. It is a victim callee only solution without requiring additional infrastructure support or changes on telephony systems. We formulate the design as an inference and verification problem. Given an incoming call, CEIVE leverages a callback session and its associated call signaling observed at the phone to infer the call state of the other party. It further compares with the anticipated call state, thus quickly verifying whether the incoming call comes from the originating number. We exploit the standardized call signaling messages to extract useful features, and devise call-specific verification and learning to handle diversity and extensibility. We implement CEIVE on Android phones and test it with all top four US mobile carriers, one landline and two small carriers. It shows 100% accuracy in almost all tested spoofing scenarios except one special, targeted attack case. 
    more » « less
  2. We present the demonstration of CEIVE (Callee-only inference and verification), an effective and practical defense against caller ID spoofing. CEIVE is a victim callee only solution without requiring additional infrastructure support or changes on telephony systems; It is ready to deploy and easy to use. Given an incoming call, CEIVE leverages a callback session and its associated call signaling observed at the phone to infer the call state of the other party. It further compares with the anticipated call state of the incoming call, thus quickly verifying whether the incoming call comes from the originating number or not. In this demo, we demonstrate CEIVE installed on Android phones combating both basic and advanced caller ID spoofing attacks. 
    more » « less
  3. null (Ed.)
    In recent years, biometrics (e.g., fingerprint or face recognition) has replaced traditional passwords and PINs as a widely used method for user authentication, particularly in personal or mobile devices. Differing from state-of-the-art biometrics, heart biometrics offer the advantages of liveness detection, which provides strong tolerance to spoofing attacks. To date, several authentication methods primarily focusing on electrocardiogram (ECG) have demonstrated remarkable success; however, the degree of exploration with other cardiac signals is still limited. To this end, we discuss the challenges in various cardiac domains and propose future prospectives for developing effective heart biometrics systems in real-world applications. 
    more » « less
  4. Telephone users are receiving more and more unwanted calls including spam and scam calls because of the transfer-without-verification nature of global telephone networks, which allows anyone to call any other numbers. To avoid unwanted calls, telephone users often ignore or block all incoming calls from unknown numbers, resulting in the missing of legitimate calls from new callers. This paper takes an end-to-end perspective to present a solution to block unwanted calls while allowing users to define the policies of acceptable calls. The proposed solution involves a new infrastructure based on anonymous credentials, which enables anonymous caller authentication and policy definition. Our design decouples caller authentication and call session initiation and introduces a verification code to interface and bind the two processes. This design minimizes changes to telephone networks, reduces latency to call initiation, and eliminates the need for a call-time data channel. A prototype of the system is implemented to evaluate its feasibility. 
    more » « less
  5. This is an extended abstract for Research Demo Session based on our published article [1]. One of the major vulnerabilities of the Internet of Medical Things (IoMT) devices is identity spoofing. As a solution, a device authentication protocol is presented in this paper which authenticates the devices in the network without storing the information in the memory.Physical Unclonable Functions (PUFs) are used for giving a unique identity to each device present in the network and for being authenticated when transmitting the data to the serve 
    more » « less